Enterprise triggered 2CHK association
First Claim
1. A method of operating a security server to securely transact business between a user and an enterprise via a network, comprising:
- receiving, at the security server from an enterprise with which the user is currently connected via the network, a request of the enterprise to activate a secure communications channel over the network between the user and the security server, wherein the request includes contact information for contacting the user via other than the network;
transmitting, by the security server in response to the received activation request, an activation code for delivery to the user via other than the network and corresponding to the received contact information;
receiving, at the security server from the user via the network, an activation code;
comparing, at the security server, the received activation code with the transmitted activation code to validate the received activation code;
activating the secure communications channel based on the validation of the received activation code, wherein the activated secure communications channel is a channel in which data is encrypted based on the validated received activation code;
receiving, at the security server, transaction information including an identifier for identifying the enterprise;
generating, at the security server based on the received transaction information, a one-time password for use by the user as a transaction signature, wherein;
the one-time-password is generated as a function of the identifier and a secret known only by the security server and the enterprise;
and the secret comprises a predetermined value agreed upon by both the security server and the enterprise to be used for generating all additional one-time passwords for all additional users transacting business with the enterprise;
transmitting the generated one time password from the security server to the user via the secure communications channel;
receiving, by the enterprise, the transmitted one time password to the enterprise from the user;
comparing, by the enterprise, the received one time password and a calculated one time password calculated by the enterprise using the secret and the identifier;
and transacting, by the enterprise, the business when the comparison is a match.
10 Assignments
0 Petitions
Accused Products
Abstract
A method of operating a security server to securely transact business between a user and an enterprise via a network includes receiving, at the security server from an enterprise with which the user is currently connected via the network, a request of the enterprise to activate a secure communications channel over the network between the user and the security server. The request includes contact information for contacting the user via other than the network. The security server, in response, transmits an activation code for delivery to the user via other than the network and in a manner corresponding to the received contact information. The security server receives, from the user via the network, an activation code and compares the received activation code with the transmitted activation code to validate the received activation code. The secure communications channel is then activated based on the validation of the received activation code.
92 Citations
7 Claims
-
1. A method of operating a security server to securely transact business between a user and an enterprise via a network, comprising:
-
receiving, at the security server from an enterprise with which the user is currently connected via the network, a request of the enterprise to activate a secure communications channel over the network between the user and the security server, wherein the request includes contact information for contacting the user via other than the network; transmitting, by the security server in response to the received activation request, an activation code for delivery to the user via other than the network and corresponding to the received contact information;
receiving, at the security server from the user via the network, an activation code;comparing, at the security server, the received activation code with the transmitted activation code to validate the received activation code; activating the secure communications channel based on the validation of the received activation code, wherein the activated secure communications channel is a channel in which data is encrypted based on the validated received activation code; receiving, at the security server, transaction information including an identifier for identifying the enterprise; generating, at the security server based on the received transaction information, a one-time password for use by the user as a transaction signature, wherein; the one-time-password is generated as a function of the identifier and a secret known only by the security server and the enterprise; and the secret comprises a predetermined value agreed upon by both the security server and the enterprise to be used for generating all additional one-time passwords for all additional users transacting business with the enterprise; transmitting the generated one time password from the security server to the user via the secure communications channel; receiving, by the enterprise, the transmitted one time password to the enterprise from the user; comparing, by the enterprise, the received one time password and a calculated one time password calculated by the enterprise using the secret and the identifier; and transacting, by the enterprise, the business when the comparison is a match. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of operating a security server to securely transact business between a user and an enterprise via a network, comprising:
-
receiving, at the security server from the user, a request of the user, including contact information for contacting, the user via other than the network, to activate a secure communications channel over the network between the user and the security server; transmitting, by the security server to the user via the network response to the received activation request, notification that the secure communications channel is quasi activated; receiving, at the security server, transaction information including an identifier of an enterprise and details of a transaction which the user desires to enter into with the enterprise; transmitting, by the security server in response to the received transaction information, an activation code for delivery to the user via other than the network and corresponding to the received contact information; receiving, at the security server from the user via the network, an activation code; comparing, at the security server, the received activation code with the transmitted activation code to validate the received activation code; activating the secure communications channel based on the validation of the received activation code, wherein the activated secure communications channel is a channel in which data is encrypted based on the validated received activation code; transmitting the transaction information, from the security server to the user via the activated secure communications channel; generating, at the security server based on the received transaction information, a one-time-password for use by the user as a transaction signature, wherein; the one-time-password is generated as a function of the identifier and a secret known only by the security server and the enterprise; and the secret comprises a predetermined value agreed upon by both the security server and the enterprise to be used for generating all additional one-time passwords for all additional users transacting business with the enterprise; transmitting the generated one time password from the security server to the user via the secure communications channel; receiving, by the enterprise, the transmitted one time password to the enterprise from the user; comparing, by the enterprise, the received one time password and a calculated one time, password calculated by the enterprise using the secret and the identifier; and transacting, by the enterprise, the business when the comparison is a match.
-
Specification